Whether or not you play World of Warcraft, you may be receiving emails indicating that your Battle.net account has been compromised and locked down. The emails ask you to visit a site and log in to unlock your account. While these emails and the web site to which they direct you look legitimate, they are not.
Please note that the web site to which you are taken to “restore access to your account” is displayed as us.battle.net in the email, which is the actual Battle.net site, but you are taken to “us.battle.account-service-mangement.net.” While this looks legitimate, the site is actually account-service-management and us.battle are subdomains the phishers have created to steal your account.
Always be wary of entering your password in response to an email request, even if the site looks legitimate. Double check the site address, or go to the site you know is real manually rather than using the hyperlink. As a reminder, you should use different passwords for different accounts to improve your security, and for World of Warcraft I recommend using a Battle.net Authenticator (also available as an iPhone app and an Android app).
The below is an example of the scam email. Please just delete this email, as your account has not been compromised and no action is needed. If you have already responded to this email or logged in via the site it provides, change your Battle.net password immediately and be sure to change your passwords anywhere else you use the same login credentials.
Subject: Too Many Attempts Warning
Dear customer,
Due to suspicious activity, your Battle.net account has been locked. You tried to login your account too many times (403). We are concerned about whether your account has been stolen. In order to guarantee the legitimacy of your account, we need you follow these steps:
Step 1: Secure Your Computer
In the event that your computer has been infected with malicious software such as a keylogger or trojan, simply changing your password may not deter future attacks without first ensuring that your computer is free from these programs. Please visit our Account Security website to learn how to secure your computer from unauthorized access.
Step 2: Secure Your E-mail Account
After you have secured your computer, check your e-mail filters and rules and look for any e-mail forwarding rules that you did not create. For more information on securing your e-mail account, visit our Support page.
Step 3: Restore access to Your account
We now provide a secure link for you to verify whether you have taken the appropriate steps to secure the account, your computer, and your email address. Please follow this site to restore the access to your account: <hyperlink removed>
If you still have questions or concerns after following the steps above, feel free to contact Customer Support at <hyperlink removed>
Sincerely,
The Battle.net Account Team
Online Privacy Policy
